<?PHP
session_start();
include_once "dbconnect.php";

$uname = "";
$pword = "";
$errorMessage = "";
//==========================================
//	ESCAPE DANGEROUS SQL CHARACTERS | What is it doing here?
//==========================================
function quote_smart($value, $handle) {

   if (get_magic_quotes_gpc()) {
       $value = stripslashes($value);
   }

   if (!is_numeric($value)) {
       $value = "'" . mysql_real_escape_string($value, $handle) . "'";
   }
   return $value;
}

if ($_POST){
	$uname = $_POST['username'];
	$pword = $_POST['password'];

	//$uname = htmlspecialchars($uname);
	//$pword = htmlspecialchars($pword);

	//==========================================
	//	CONNECT TO THE LOCAL DATABASE
	//==========================================

	//$uname = quote_smart($uname, $db_handle);
	//$pword = quote_smart($pword, $db_handle);
	$pass = md5($pword);
	$SQL = "SELECT * FROM mukt_users WHERE email = '$uname' AND password = '$pass'";
	$result = mysql_query($SQL);

	//====================================================
	//	CHECK TO SEE IF THE $result VARIABLE IS TRUE
	//====================================================

	if ($result) {
        $num_rows = mysql_num_rows($result);
		if ($num_rows > 0) {
			$_SESSION['login'] = "1";
			$_SESSION['uname'] = $uname;
			header ("Location: upresume.php");
		}
		else {
			unset ($_SESSION['login']);
			header ("Location: registration.php");
		}	
	}
	else {
		$errorMessage = "Error logging in";
	}
}


?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>mukt.in v2 | wings of freedom</title>
<link rel="stylesheet" type="text/css" title="My style" media="screen" href="css/style.css" />
</head>

<body>

<div id="container">

<div id="header"> </div>
<div id="leftColumn">
<div id="menucontainer">
<ul id="hex">
<li class="p1"><a href="participate.php"><b></b><span>Participate</span><em></em></a></li>
<li><a href="sponsors.php"><b></b><span>Sponsors</span><em></em></a></li>
<li class="p2"><a href="http://groups.google.com/group/mukt/feed/rss_v2_0_msgs.xml"><b></b><span>Feeds</span><em></em></a></li>
<li class="p2"><a class="inner" href="index.php"><b></b><span>About</span><em></em></a></li>
<li class="p2"><a href="studio.php"><b></b><span>Studio</span><em></em></a></li>
<li class="p1 p2"><a href="chat.php"><b></b><span>Chat</span><em></em></a></li>
<li class="p2"><a href="contact.php"><b></b><span>Contact</span><em></em></a></li>
</ul>
</div>
<br /><br /><br /><br /><br /><br />
</div>

<div id="rightColumn">
<div id="logotext">mukt.in 2008
<h2>1-3 Aug, OU CSE Dept, Hyderabad</h2>
<a href="registration.php" ><img src="images/gnu.jpg" align='right' border='0' /></a>
</div>
<div id="textbox">

<p>
<?php print $errorMessage;?>
<h3>Login</h3>
<p>Please enter your email address and password to proceed:</p>
<form name="login" method="POST" action ="login.php">
<table>
    <tr>
        <th>Email Address: </th>
        <td><input type = 'text' name ='username'  value="<?php print $uname;?>" maxlength="30"></td>
    </tr>
    <tr>
        <th>Password: </th>
        <td><input type = 'password' name ='password'  value="<?php print $pword;?>" maxlength="16"></td>
    </tr>
</table>
<br />
<input type = "submit" name = "submit"  VALUE = "Login">

</form>

</div>
</div>


<div id="footer">
<div id="loginbox">
    <p>
    <?php if (isset($_SESSION['login'])) { ?>
    You are logged in as: <a href="profile.php"><?php echo $_SESSION['uname']?></a> [<a href="logout.php">Logout</a>]
    <?php } else { ?>
    <a href="login.php">[Login]</a>
    <?php } ?>
    </p>
</div>
<p>Thanks to Svein Erik Storkaas.</p></div>

</div>

</body>
</html>
